Security Management Today recently chaired a high level debate concentrating on procurement in the sector and ways in which current practices might be improved. Following on from last month’s initial discussion at CMP Information’s Ludgate House hq (‘Procure all’, SMT, January 2008, pp26-30), Brian Sims asks some of the industry’s leading practitioners to provide workable solutions.
Security Management Today (SMT): What makes a good security solutions provider from the client’s perspective, and how might we improve the relationship between buyers and suppliers?
Dennis Gotts: From the client perspective, we’re not looking for suppliers or contractors. We want partners. Some of the contracts we enter into are over a 20-year timeframe. We look for partners who have made an effort to understand our business, hold the same corporate values as we do and, typically, follow a similar corporate social agenda as well.
How can we improve the buyer-supplier relationship? Longer-term contracts is a good place to start. That way there’ll be proper investment in terms of resources and management time. On the long-term contracts we can also transfer the risk of any security failure to our partner organisation. Once you have found a supplier who can actively and willingly take on that risk then you’ve reached what I’d call a true partnering arrangement.
Mike Brookes: Security isn’t always core for every business. That’s the problem solutions providers face. I agree with Dennis’ partnering philosophy, but any organisation can only run so many effective partner relationships.
SMT: How does that work on the systems side of the equation? Given the ever-changing nature of product solutions and the platforms on which they reside, how can the end user tie-in to a long term deal with any given manufacturer?
Yash Patel: They can, if the supplier supports them properly.
Chris Brown: End users need freedom of choice of vendor products and, crucially, a front end that’s seamless. The control system has to be able to accommodate 60% of manufacturers’ protocols such that the end user’s system will not be made redundant at some point in the future. Security managers must look at all Best of Breed technologies to determine which one will work for them.
Alun John: Your approach to purchasing is excellent, Dennis. That’s the way things should be done. However, only about 10-20% of the industry has a cultural fit with your ideals.
Chris Brown: The distributors can and do have a lot of contact with systems integrators. I think it’s fair to state that suppliers are well qualified to act on behalf of the manufacturers.
Alun John: I’m enjoying a lot of positive feedback from the end users of CCTV. There’s a danger of us putting over the view that everything’s going wrong with surveillance when there is an awful lot going right. What we need to do is look at networking products and meshing them together in a better way.
Jackie Foxford: It’s not that CCTV cameras don’t work, Alun. They do. They’re just not being deployed as effectively as they could be. Client organisations are spending an awful lot of money on CCTV, but perhaps not all of them are using their systems properly.
Alun John: When the big town centre schemes were first installed, the powers-that-be never budgeted for ongoing maintenance. Much of the allocated budget went on capital procurement. Bus lanes are being monitored now to generate revenue to fund the skilled operators needed to view town centre images.
SMT: There has been much discussion of the ‘one-stop shop’ – the supplier who can offer every conceivable service to the end user. Surely that’s not realistic in our industry? There’s no way that JVC, for example, is ever going to join forces with MITIE’s guarding operation… And where does the security consultant fit in?
Jeff Flanagan: There are clients who do want one solutions provider with whom they can work. Reliance Security Services has probably demonstrated one of the best integrated solutions offerings so far. They have a number of corporate customers who drive that. The trick is to give the customer what they want.
Bob Holmwood: From a consultancy perspective, I would hope that all security consultants are looking to create a partnership with their client. We have provided interim management and specific consultants for business continuity planning. That kind of service should already be there. Understanding the host business, the threats and the liabilities to it are all absolutely pivotal.
SMT: How might the client see behind the ‘veneer’ of the sales pitch? What sort of questions should clients be asking of their solutions providers during the procurement process and the tendering stages?
Jackie Foxford: Clients must insist on seeing and checking references and Case Studies. They should instigate dialogue with other clients already using a given provider’s services. End users should be taking the time out to go and see the systems in use elsewhere. Only then can they really hope to make a proper judgement based on reality rather than the brochure.
Free trials of systems are a good idea. How compatible are the systems you’re looking at in relation to your company and how it operates?
Speaking frankly, I wouldn’t want to work with some suppliers simply because of the tactics employed by their sales managers. You just don’t want to talk to them.
SMT: What about the whole question of building procurement in relation to security? Are Boards of Directors beginning to wake up to the fact that security practitioners must be brought in at the earliest possible stage so that they can influence physical structures and design-out potential security problems?
Bob Holmwood: The architect will be in at Day One. There will be a concept. We will then have the opportunity to graft on Secured by Design and environmental security issues. We’d devise an integrated solution, mixing technology, personnel, landscaping and design and then take that through to conclusion.
For some projects we will be brought in at Stage A. On the iconic projects we’ll be there from the very start. If consultants are brought in at a late stage, it’s true that security is possibly going to be compromised. What we cannot deal with by design we’ll deal with by way of systems and people.
The end user of the building should be in on the discussions at an early stage, but this isn’t always the case. If they’re not, we have to make assumptions about how people are going to use a building. We need to know where the main entrance is to be located. Where is the Post Room going to be? Is there a time and/or spatial dimension to usage? Is there 24/7 occupation? These issues must be considered.
The majority of architects are employing us at an earlier stage now. There seems to be a better understanding among them of the basic concepts of security than their used to be.
SMT: How can we move away from the ‘lowest cost always wins’ culture that continues to dog the industry?
Yash Patel: Most specification sheets for systems look the same, but there’s more to it than just specification. Many consultants are now asking us for mean time between failure statistics. There are manufacturers who are low cost, and take the cheap and cheerful approach. They’ll not come into the discussions. Mean time between failure figures should be quoted by the supplier and demanded by the end user.
Bob Holmwood: That’s why it’s so important that the tender documentation is either loose for a reason or very specific for a reason. It mustn’t ‘float’ somewhere in the middle. The tendering process is key in moving away from the lowest cost culture.
At times, we’ll complete operational requirement documentation. We subsequently have to spend an awful lot of time researching the systems put forward. We’ll then take some of that equipment and test it ourselves.
In turn, we create a relationship with solutions providers. That relationship can fall over, though, if there’s a lack of common ground on what’s being provided for a project. There can be a lack of co-ordination, with expectations of either party not being met.
Alun John: I’m not entirely sure of the exact figures, but I suspect that less than 30% of security systems are awarded by tender. For a great swathe of specifications, medium-sized businesses will invite three or four installers in and say: ‘What can you do for us?’ Their view of the world is based on what a handful of installers tell them. That ‘middle sector’ of client organisations is becoming increasingly muddy if you are talking about specification.
Chris Brown: Personally, I don’t think the SMEs will ever move away from the lowest cost culture. Here, the end user will ask for a colour camera. They’ll not specify the number of TV lines resolution they require, etc. They’re not interested in things like voltages and colour bursts at this end of the specification market.
Bob Holmwood: On a daily or weekly basis we are given huge projects. They start with a threat and vulnerability analysis, and then we move into the arena of the security strategy. We haven’t even thought about what equipment will be going in until such time as we’ve settled on that strategy. We can then optimise the money being spent, be it capital cost or management cost. That way of working applies equally to retrofit or new build projects.
SMT: There are many different types of end user now… Facilities managers tasked with looking after security. Site services managers. Risk managers and pure security managers. How is that affecting procurement? Are risk and security managers one and the same, or are they two very different animals?
Dennis Gotts: If you are talking about the security director level then it’s one discipline. The security director is someone who has that strategic security viewpoint. Further down the chain there’s a security manager who’s most certainly not a risk assessor or a risk manager. They are two completely separate disciplines.
Bob Holmwood: For me, the higher up you go you should also be looking at business continuity management. Security is borne out of business continuity. It’s about a hardening of the business, whether that involves the access control set-up or general processes.
Jeff Flanagan: Business continuity is the single biggest element of the equation, and the single biggest element when it comes to added value provided by the security service, but all-too-rarely is it focused upon by either buyers or suppliers. What happens if security fails? What damage is that going to do to the business?
Jackie Foxford: God forbid that a customer would be fatally wounded in one of our stores. The business would still continue. Being cold-hearted about it, it wouldn’t be a ‘share price sensitive’ occurrence. If our computer centre goes up in flames, though, that would be a massive problem. Hence the reason why business continuity is so vital to us as well as a whole host of companies.
We don’t abide by the ‘lowest cost always wins the day’ philosophy, and I don’t believe any responsible end user would or should.
Jeff Flanagan: There is a differential in terms of who buys security between the larger corporate and the SME.
Bob Holmwood: In a new build situation, we will take the process all the way through. We’ll write the tender documentation, issue schematics and then review the tenders and make suitable recommendations and/or write a report on the different types of tenders submitted. We will list the pros and cons of each. The client will receive a cost-benefit analysis, and the buying decision is theirs. It’s out of our hands. Presumably, that decision is based upon what we’ve written against cost.
Chris Brown: The question clients need to ask themselves is: ‘How important is security to the business?’ If I’m taking my children out for the day in a car and I’m going to be travelling on the motorway, I would rather be in a Volvo if an incident occurred because I know the service I’ll receive should there be an accident will be second to none. You get what you pay for.
Dennis Gotts: If you build specific elements into the tender document as part of the Service Level Agreement then you know exactly what you are demanding and what you’re looking for. This is where the procurement guys come in with their expertise of drawing up SLAs.
Yash Patel: We will look at projects with end users who might want cameras in several stores, then we find we lose the job solely on a price basis because another manufacturer has come in with a cheaper deal. Two years down the line, that client is suffering from a 50% failure rate on the systems. No great surprise really, is it?
Chris Brown: I wouldn’t want to see manufacturers being played off against each other all the time, but I would like to see more independent bench testing going on. The Home Office Scientific Development Branch needs to be doing more. Bodies like that have to take control. They can help influence change and behaviour for the better among end users, manufacturers and installers.
SMT: Underpinning the buying process, there are now seven or eight separate organisations inspecting guarding companies as part of the Approved Contractor Scheme (ACS) assessment. Some of them don’t have a security industry background. How can they possibly be inspecting to the same standards?
Jeff Flanagan: MITIE is audited by the National Security Inspectorate in relation to the ACS. I would say that the rigour of those audits has increased quite considerably since the ACS came into being. The standard has always been high, but has now been significantly enhanced. That’s my view anyway.
It’s true that there are now inspection bodies with no experience of this industry, and if you were cynical about the situation you’d have to say that some guarding companies would opt for the path of least resistance.
In terms of its integrity and robustness, I don’t think the ACS has really achieved everything it set out to do by way of elevating guarding to a consistent benchmark standard followed by continuous improvement. What you’ve seen is that a huge number of companies have merely passed from being pre-ACS to post-ACS. They haven’t changed much.
SMT: Is e-tendering within the security industry perceived to be a positive or negative development?
Jackie Foxford: From my perspective, I have to say that e-tendering doesn’t engender the partnership approach at all.
Alun John: I have been privy to e-tenders for a number of years now, and I think it depends on how well the e-tender is written. We were the beneficiary of some major contracts on the basis of e-tendering. Much rests on how well the procurement team writes the e-tender.
It’s my experience that e-tendering isn’t conducted on the basis of the lowest price winning the day. There are other factors at play. Cultural fit is one of them.
Our bids have sometimes been global. I think the top tier of bids is taken out by the purchaser, plus the lower tier and then negotiations are conducted with the companies sitting somewhere in the middle.
Mike Brookes: I agree with Alun. It does depend on how well the process is structured and conducted. It’s the same as any tender process. You have to sit down and work out what you want to achieve at the end of it. What you’ll find is that in many situations the e-auction merely replaces the final negotiations, which may happen anyhow. Most of the other decision-making will have been made prior to the e-auction being actioned.
Alun John: The best e-tenders are those where there are pre-qualification stages.
Jeff Flanagan: We don’t let just anyone conduct an e-auction. The only ones we’d contemplate are those where I’d be sat in front of the screen pressing the button.
Alun John: The procurers I know who conduct e-tenders are very satisfied with the results. Most of the suppliers probably take a different view, but if e-tendering is carried out properly then I personally don’t have an issue here.
If any issues do arise, it’s usually the case that the e-bid will be amended accordingly when suggestions are made. If you’re not prepared to voice your concerns then you will lose out. That’s true.
Yash Patel: Who is conducting the e-auction? Is it the end user, the installer or the supplier?
Alun John: There are very few installers in this industry with the capacity to do an e-bid because it can cost quite a bit of money. I have seen e-bids where you can view the other companies’ bids. Knowing the manufacturing and materials costs for supplying products across Europe, there’s no way some of these companies could even hope to cover the distribution costs with the bid they’ve made. The switched-on procurer will know this, too.
Bob Holmwood: With e-tendering and other tender processes, the problem arises in terms of what’s not being said. It’s those elements of the project that haven’t been discussed which then suddenly become an issue. We will have pre-tender meetings, mid-tender meetings and end of tender meetings. Everyone involved understands what’s expected of them.
Chris Brown: Looking at how tender documents are conceived, you do see tightly-written specifications. This kind of document will often force the security installer to deviate.
SMT: What can guarding contractors realistically do to convince clients they ought to buy on quality rather than price?
Jeff Flanagan: Most of our customers don’t buy on price. Many of the bigger clients don’t buy solely on price. When we price a contract we have to try and secure the best wage rate we can for the officers. If we can agree on a good wage rate this breeds stability in the workforce. Everything else follows on from that.
I’m happier to bid on a tighter margin if the wage rate is good than on a very high margin with poor wage rates. We’ll walk away from those situations.
Most of our bigger clients want value for money and they’ll get it. Quite rightly. They’re spending lots of money on lots of security. They’re all generally sensible. They realise if they squeeze the process too tightly they’ll have to go back to the marketplace because, at some point down the line, the service will fail.
Conversely, there are some customers who buy solely on price and who do not have any real view of the value of security. They are setting up their guarding solutions providers to fail. It really is as simple as that.
Dennis Gotts: If you are looking at security guarding in terms of cutting hours, very often this will be tied-in with TUPE Regulations anyway, so there can be very little difference in the operative wage rates. Where is the innovation going to come from?
If the price of the service is very low, you can bet your bottom dollar the money will have been saved somewhere in the management of the contract. Usually it involves the first or second level of supervision. That’s where the whole contract falls down.
SMT: Is it fair to say that the basic problem with security guarding doesn’t lie with the officers themselves, but rather with their immediate management on the ground?
Dennis Gotts: If you look at the operatives employed by the Top 5 companies there isn’t too much difference. They’re all regulated and licensed, and operating to good standards. It’s at the supervisory level where the differences lie, in terms of the way in which contracts are managed, the churn of staff and the innovation that’s brought to the contract. These are the real differentiators.
Jeff Flanagan: When we engage with a customer we want them to stay with us for some considerable period of time. That will only happen if we build a relationship and a true partnership. The main element is to provide stable, high quality manpower. It’s then about how you manage that manpower, and how you work in tandem with the client to move the service forward.
If you don’t have fundamental stability in your officer corps it’s very difficult to move the relationship forward as all the contractor will be doing is managing its manpower shortages. That’s not a good platform from which to build. When you go to tender you need to know what your potential customer is all about.
We’re operating in an industry where service failure happens. There will be problems from time to time. In my view, it’s how you recover those problems that distinguishes the quality of the contractor.
We’d never buy contracts at a margin. For one thing, you risk damaging your reputation. Secondly, you’ll undermine your position if you want to grow the business.
SMT: Is it not the case that this has happened and is still happening, though? Guarding providers have been guilty of taking contracts at ludicrous rates just to ‘buy’ market share…
Jeff Flanagan: It’s a case of Fool’s Gold. It has happened, and it’s happening now. There are some contracts we’ve been involved with that have come up for re-bid only recently. We have done a perfectly good job and the customer relationship has been great, but then the lowest price prevails and we lose the contract. It happens less with the bigger customers.
If your relationship is good they will always come back to you if price becomes an issue. Contractors must be alert to the commercial realities of life, but also continually looking to drive efficiencies within their own organisation. They must take the view that the customer is with them for life. If they don’t, the service will always be seen as just another commodity.
Mike Brookes: Procurement specialists will always be under pressure to drive down costs. If suppliers are willing to work with the customer to take that cost and look at better ways of doing things, then you can begin to deliver efficiencies and genuinely move away from the price angle.
Dennis Gotts: Looking at longer term contracts and not short-term ones is a partial answer to many of the questions posed.
SMT: Is it fair to say that security managers must now be able to communicate effectively with a tranche of professionals in all sectors, and ‘talk the language of business and commerce’?
Bob Holmwood: If you are a professional security manager in this day and age, you must be able to speak the language of business. If you can’t you might as well be conversing in a foreign dialect. Some companies will want to talk about the image of security. Others will analyse threats in relation to their business.
Jeff Flanagan: We’ve put in place a new training course for all of our contract managers. There is a significant business element attached to it. Three of our four regions are not run by managers with police or military backgrounds. The big problem is that there’s no single recognised managerial qualification that fits all.
Chris Brown: Look at the IT industry, which really started to bloom in the late 1980s and early 1990s. Everyone in that fraternity is from a qualified and recognised background. They are educated people.
IT is invading the security space more and more. Bandwidth is enlarging. We are going to hit a brick wall soon where the IT model – which is coming more and more into distribution, channel management and systems integration – will take over. We’re already starting to see resellers and systems integrators taking the place of traditional security installers.
Alun John: I don’t think there’s any discernible reason why the IT distribution channel will prevail over the CCTV distribution channel. The only way in which they are not alike is that the IT channel will say it works on a much lower gross margin, but generally offers no value-added services either pre- or post-sale.
SMT: From what you’ve heard about procurement in the security sector, Mike, and as someone with no experience of this industry prior to our discussion, is there anything we can graft on to the sector to make buying practices a little better?
Mike Brookes: The way in which security is perceived within the organisation is crucial. The benefits of particular security systems really need to be sold. What are the client’s needs? Are they being correctly addressed?
I’m amazed that anyone would consider buying security solutions without salient input from a security specialist. That would not sit with the Best Practice espoused by my organisation. Offerings must be differentiated. If they’re not, the focus will always be on price.
For their part, procurement professionals need to be seen to be delivering benefits to the business over and above just removing a bit of cost from the equation. They have to demonstrate innovation.
Security must never be a duress purchase on the basis that something has already gone wrong. That is when all of the worst procurement practices will come into play.
